ICMP Block With IPTABLES

Vishal Vyas (Linux Admin)

How to use iptables to block ICMP (Internet Control Message Protocol) requests?

Ans: To do this, we first have to understand why it should be done.
When hackers try to hack into a machine, the first thing they do is a basic ping test.

Code :
# ping target-machine

If this succeeds, they conclude that the system is up, and they can go forward with DDoS attacks or try to find other open ports using the nmap command.

Code :
# nmap target-machine

So if you are exposing a machine from your network to the outside world, first disable incoming ping requests to your machine as follows.

This can be done in two ways with iptables:

1. Reject the ICMP packets.
2. Drop the ICMP packets.

Of the two methods above, the best is to drop the ICMP packets: by doing this we give the hacker no clue whether the system is alive or not. Whereas if we reject, the hacker will definitely come to know that ICMP packets are blocked and the system is live.
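The two methods above as iptables rules, in an added example that is not part of the original post: the script builds the DROP and REJECT forms of the echo-request rule and appends the chosen one only if it is not already present. The function names and the DRY_RUN switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): the two blocking methods as
# idempotent iptables rules. Function names and DRY_RUN are illustrative.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 as root applies them.
DRY_RUN="${DRY_RUN:-1}"

# Print the rule specification for inbound ICMP echo-request (ping).
#   drop   - packet is discarded silently, the sender only sees a timeout
#   reject - packet is refused with an ICMP error, which shows the host is up
icmp_rule() {
    case "$1" in
        drop)   echo "INPUT -p icmp --icmp-type echo-request -j DROP" ;;
        reject) echo "INPUT -p icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-prohibited" ;;
        *)      echo "usage: icmp_rule drop|reject" >&2; return 2 ;;
    esac
}

# Append the rule unless an identical one exists (-C checks, -A appends).
# -A puts the rule at the end of INPUT, so an earlier ACCEPT for ICMP still wins.
block_ping() {
    rule=$(icmp_rule "$1") || return 2
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables -C $rule || iptables -A $rule"
        return 0
    fi
    # $rule is left unquoted on purpose so it splits into separate arguments.
    iptables -C $rule 2>/dev/null || iptables -A $rule
}

# Default action when the script is run: the method the post recommends.
block_ping drop
```

After applying with DRY_RUN=0, `iptables -L INPUT -n --line-numbers` shows where the rule landed in the chain.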

How to allow ICMP ping requests in case you want them:

First we have to remove the rule which we created for blocking the ICMP ping.

# iptables -D INPUT -p icmp --icmp-type echo-request -j DROP

Then execute the following commands:

# iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
# service iptables save
# service iptables restart

Some points to be noted

What are the methods used by hackers using this ICMP ping? Though these are old denial-of-service (DoS) attacks, they are worth learning:

Ping flood
Smurf attack
Ping of death

Please comment your thoughts regarding this post :-)